package com.example.shirotest.controller;

import com.example.shirotest.base.ResultVo;
import com.example.shirotest.entry.Glass;
import com.example.shirotest.entry.User;
import com.example.shirotest.service.UserService;
import com.example.shirotest.utils.MD5Util;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import java.security.NoSuchAlgorithmException;
import java.util.Set;

@Controller
@RequestMapping("/user")
public class UserController extends BashController {

    @Autowired
    private UserService userService;

    @Autowired
    private Glass glass;

    @RequestMapping("/index")
    public String index(Model model){
        User user = (User)SecurityUtils.getSubject().getPrincipal();

        Set<String> perms = userService.getPermsByUid(user.getId());
        String roleName = userService.getRoleByUid(user.getId());

        glass.setId(user.getId());

        model.addAttribute("userName",user.getName());
        model.addAttribute("userAccount",user.getAccount());
        model.addAttribute("userRole",roleName);
        model.addAttribute("userPerm",perms.toString());

        model.addAttribute("tag_mb","user-index");
        return "user/index";
    }

    @RequestMapping("/editpwd")
    public String editpwd(){
        return "user/editpwd";
    }

    @PostMapping("/editpwdop")
    @ResponseBody
    public ResultVo editpwdop(HttpServletRequest request){
        String pwd = request.getParameter("pwd");
        if(null==pwd || ""==pwd)return new ResultVo(0,"请输入原密码",null);
        String newpwd = request.getParameter("newpwd");
        if(null==newpwd || ""==newpwd)return new ResultVo(0,"请输入新密码",null);
        String repwd = request.getParameter("repwd");
        if(null==repwd || ""==repwd)return new ResultVo(0,"请输入确认码",null);
        if(!newpwd.equals(repwd))return new ResultVo(0,"确认码和新密码不一致",null);

        //修改密码
        User user = (User)SecurityUtils.getSubject().getPrincipal();
        User userinfo = userService.getById(user.getId());

        String pwdmd5 = "";
        try {
            pwdmd5 = MD5Util.encrypt(pwd);
        } catch (NoSuchAlgorithmException e) {
            //throw new RuntimeException(e);
            return new ResultVo(0,e.getMessage(),null);
        }

        if(!userinfo.getPassword().equals(pwdmd5))return new ResultVo(0,"原密码不正确",null);

        String newpwdmd5 = "";
        try {
            newpwdmd5 = MD5Util.encrypt(newpwd);
        }catch (NoSuchAlgorithmException e){
            return new ResultVo(0,e.getMessage(),null);
        }

        userService.updateUserPwd(user.getId(),newpwdmd5);

        return new ResultVo(1,"密码修改成功",null);
    }


    @RequiresPermissions({"user:add"})
    @RequestMapping("/add")
    public @ResponseBody String add(){
        return "user add operation";
    }

    @RequiresPermissions({"user:edit"})
    @RequestMapping("/edit")
    public @ResponseBody String edit(){
        return "user edit operation";
    }

    @RequiresPermissions({"user:delete"})
    @RequestMapping("/delete")
    public @ResponseBody String delete(){
        return "user delete operation";
    }

    @RequestMapping("/logout")
    public String logout(){
        Subject subject = SecurityUtils.getSubject();

        subject.logout();

        return "redirect:/";
    }

}
